<?php
include("../includes/functions.php");
require("../includes/session.php");
// Gate the page on the "teller" role; this is the first call made after the includes.
// NOTE(review): the gate only protects the handlers below if ensure_logged_in()
// stops the request (redirect + exit) for anyone else. It is defined in an
// include and not visible here; confirm.
ensure_logged_in("teller");
// Page header is emitted here, i.e. before the POST handlers further down call
// redirect_to(). NOTE(review): if redirect_to() relies on header(), this order
// only works with output buffering. Verify in the include that defines it.
generate_header("teller", "Teller Page");
// Presumably opens the database connection that the account helpers and the
// mysql_* calls on this page use. Defined in an include; confirm.
connect_db();
?>
<div id="single_main_block">
  
  
<?php
	// Take the requested teller action from the query string. The literal
	// string 'NULL' stands for "no action supplied"; the rendering code on this
	// page shows the welcome text for it.
	$action = isset($_GET['action']) ? $_GET['action'] : 'NULL';
?>

  
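 <?php	// Forms Processing
	/*
	 * Handles the POST of whichever teller form was submitted (selected by
	 * $action) and answers with a redirect back to teller.php that carries a
	 * result code ("worry") or "isblank=1" for incomplete input.
	 *
	 * NOTE(review): these handlers create accounts and move money, yet nothing
	 * here verifies an anti-CSRF token, and the forms on this page do not send
	 * one. Add a per-session token to every form and reject the POST here when
	 * it is missing or does not match.
	 * NOTE(review): is_existing_user(), is_existing_account(), deposit(),
	 * transfer(), withdrawal() and create_new_bank_account() live in an include.
	 * If they build SQL by concatenation, move them to parameterized queries;
	 * the escaping applied below is only a stop-gap.
	 * NOTE(review): is_numeric() also accepts signed, decimal and exponent
	 * notation; amounts and account numbers that pass it are handed to the
	 * helpers as the original strings.
	 */
	if (isset($_POST['submit'])) {

		// Read every expected field once. Missing keys and non-string values
		// (e.g. "field[]=x") become '' so they fail the blank checks below
		// instead of raising notices or leaking "Array" into a redirect URL.
		$post = array();
		$expected = array(
			'acctid', 'userid', 'obalance', 'accttype', 'toaccount',
			'depositamount', 'transferamount', 'fromaccount', 'withdrawalamount',
		);
		foreach ($expected as $name) {
			$post[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
		}

		if ($action === "cnba") { //create new bank account
			$acctid   = $post['acctid'];
			$userid   = $post['userid'];
			$obalance = intval($post['obalance']);
			$accttype = $post['accttype'];

			// URL-encode the echoed-back values: raw input containing '&', '#'
			// or line breaks could otherwise add or override query parameters
			// in the redirect target.
			$returninput = http_build_query(array(
				'resend'   => 1,
				'acctid'   => $acctid,
				'userid'   => $userid,
				'obalance' => $obalance,
				'accttype' => $accttype,
			), '', '&');

			// Only the three types offered by the form on this page are accepted.
			$knowntype = in_array($accttype, array('Savings', 'Credit', 'Checking'), true);

			// ctype_digit(): the account is created with intval($acctid), so the
			// existence check must see exactly the number that will be stored;
			// "12.5" or "1e3" pass is_numeric() but intval() to something else.
			if (empty($userid) || empty($acctid) || empty($obalance)
				|| empty($accttype) || !$knowntype
				|| !ctype_digit($acctid) || !is_numeric($obalance)) {
				// mandatory fields missing or malformed
				redirect_to("teller.php?action=cnba&isblank=1&{$returninput}");
			}
			else {
				// Escaped the same way the "gad" branch does before its lookup.
				$safeuserid = mysql_real_escape_string($userid);

				if (!is_existing_user($safeuserid, "", "", false)) { //user does not exist
					redirect_to("teller.php?action=cnba&worry=-7&{$returninput}");
				}
				else if (is_existing_account($acctid)) { //account number already taken
					redirect_to("teller.php?action=cnba&worry=-2&{$returninput}");
				}
				else if ($obalance < minacctbalance($accttype)) { //minimum balance not met
					redirect_to("teller.php?action=cnba&worry=-8&{$returninput}");
				}
				else { //everything is fine, create the account
					// NOTE(review): the meaning of the trailing "34" argument is not visible here.
					create_new_bank_account(intval($acctid), $accttype, $obalance, $safeuserid, "open", "34");
					redirect_to("teller.php?action=cnba&worry=2");
				}
			}
		}

		else if ($action === "tdeposit") { //teller deposit
			$toaccount = $post['toaccount'];
			$depositamount = $post['depositamount'];

			if (empty($toaccount) || (empty($depositamount) && $depositamount != 0)
				|| !is_numeric($toaccount) || !is_numeric($depositamount)) {
				// mandatory fields missing or malformed
				redirect_to("teller.php?action=tdeposit&isblank=1");
			}
			else if (!is_existing_account($toaccount)) { //account doesn't exist
				redirect_to("teller.php?action=tdeposit&worry=-2");
			}
			else if ($depositamount <= 0) { //amount must be positive
				redirect_to("teller.php?action=tdeposit&worry=-5");
			}
			else { //do the deposit
				$result = deposit($depositamount, $toaccount);
				redirect_to("teller.php?action=tdeposit&worry={$result}");
			}
		}

		else if ($action === "ttransfer") { //teller transfer
			$transferamount = $post['transferamount'];
			$fromaccount = $post['fromaccount'];
			$toaccount = $post['toaccount'];

			if ((empty($transferamount) && $transferamount != 0) || empty($toaccount) || empty($fromaccount)
				|| !is_numeric($transferamount) || !is_numeric($toaccount) || !is_numeric($fromaccount)) {
				// The debug echo of the three raw POST values that used to sit
				// here is gone: it wrote unescaped request data into the page.
				redirect_to("teller.php?action=ttransfer&isblank=1");
			}
			else if (!is_existing_account($fromaccount) || !is_existing_account($toaccount)) { //either account doesn't exist
				redirect_to("teller.php?action=ttransfer&worry=-2");
			}
			else if ($transferamount <= 0) { //transfer amount is invalid
				redirect_to("teller.php?action=ttransfer&worry=-3");
			}
			else {
				$result = transfer($transferamount, $fromaccount, $toaccount);
				redirect_to("teller.php?action=ttransfer&worry={$result}");
			}
		}

		else if ($action === "twithdrawal") { //teller withdrawal
			$fromaccount = $post['fromaccount'];
			$withdrawalamount = $post['withdrawalamount'];

			if ((empty($withdrawalamount) && $withdrawalamount != 0) || empty($fromaccount)
				|| !is_numeric($fromaccount) || !is_numeric($withdrawalamount)) {
				// mandatory fields missing or malformed
				redirect_to("teller.php?action=twithdrawal&isblank=1");
			}
			else if (!is_existing_account($fromaccount)) { //account does not exist
				redirect_to("teller.php?action=twithdrawal&worry=-2");
			}
			else if ($withdrawalamount <= 0) {
				redirect_to("teller.php?action=twithdrawal&worry=-3");
			}
			else {
				// Evaluate the check once so the code that is reported is the
				// same one that was tested.
				$check = is_valid_withdrawalamount($withdrawalamount, $fromaccount);
				if ($check != 1) { //withdrawal amount is invalid
					redirect_to("teller.php?action=twithdrawal&worry=" . $check);
				}
				else { //account exists and withdrawal is valid, withdraw the money
					$result = withdrawal($withdrawalamount, $fromaccount);
					redirect_to("teller.php?action=twithdrawal&worry={$result}");
				}
			}
		}

		else if ($action === "gad") { //Get account details
			if ($_POST['submit'] === "CheckID") {
				if (isset($_POST['userid']) && is_string($_POST['userid'])) {
					if (!is_existing_user(mysql_real_escape_string($_POST['userid']), "", "", false)) { //no such user
						redirect_to("teller.php?action=gad&worry=-7");
					}
					else { //user exists, pass the id on to the listing
						// urlencode(): the id is request data and must not be able
						// to introduce further query parameters.
						redirect_to("teller.php?action=gad&rightuser=1&userid=" . urlencode($_POST['userid']));
					}
				}
				else { //missing or non-string userid
					// Was "&-9", which sets no "worry" parameter at all; every
					// other redirect on this page reports its code as worry=<n>.
					// NOTE(review): confirm teller_argumenthandler() knows code -9.
					redirect_to("teller.php?action=gad&worry=-9");
				}
			}
		}
	}

  ?>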
  
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->

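<?php	// Forms
/*
 * Renders the form (or, for "gad", the account listing) that belongs to
 * $action. Request- and database-derived values are passed through
 * htmlspecialchars() before being written into the page, so they cannot close
 * an attribute or introduce markup.
 *
 * NOTE(review): htmlspecialchars() is called with 'UTF-8'; this assumes the
 * page is served as UTF-8. Confirm against generate_header().
 * NOTE(review): none of the state-changing forms below carries an anti-CSRF
 * token. Emit a per-session token as a hidden field in each of them and check
 * it where the POST is processed.
 * NOTE(review): the mysql_* extension used for the listing was removed in
 * PHP 7; porting to mysqli or PDO with prepared statements also removes the
 * need for the manual escaping below.
 */
teller_argumenthandler();
if ($action == 'NULL') {	//default
	echo '<h2>Welcome to Teller Account</h2>
<p>Now, you have access to teller page</p>  ';
}

else if ($action == "cnba") { //create new bank account

	// Values sent back after a failed submit come straight from the query
	// string, so they are escaped before being used as attribute values.
	$prefill = array('acctid' => '', 'userid' => '', 'obalance' => '');
	if (isset($_GET['resend'])) {
		foreach (array_keys($prefill) as $name) {
			if (isset($_GET[$name]) && is_string($_GET[$name])) {
				$prefill[$name] = htmlspecialchars($_GET[$name], ENT_QUOTES, 'UTF-8');
			}
		}
	}
	$acctid = $prefill['acctid'];
	$userid = $prefill['userid'];
	$obalance = $prefill['obalance'];

	echo "<form action=\"teller.php?action=cnba\" method=\"post\">

	<fieldset>
	<legend>Account Information</legend>
		User ID: <input type=\"text\" name=\"userid\" value=\"{$userid}\"/><br />
		New Account ID: <input type=\"text\" name=\"acctid\" value=\"{$acctid}\"/><br />
		Opening Balance (appears as deposit): <input type=\"text\" name=\"obalance\" value=\"{$obalance}\"/><br />
	</fieldset>

	<fieldset>
	<legend>Account Type</legend>
	<input type=\"radio\" name=\"accttype\" value=\"Savings\" /> Savings<br />
	<input type=\"radio\" name=\"accttype\" value=\"Credit\" /> Long-Term savings<br />
	<input type=\"radio\" name=\"accttype\" value=\"Checking\" /> Checking<br />
	</fieldset>

	<br/>
	<input type=\"submit\" value=\"Submit\" name=\"submit\" />
	</form>";
}

else if ($action == "tdeposit") { //teller deposit

	echo '	<form action="teller.php?action=tdeposit" method="post">
			<h2>Teller Deposit</h2>

			<h3>Teller Deposit Amount: </h3> 
				<input type="text" name="depositamount" />
			<h3>TO Account: </h3>
			<input type="text" name="toaccount" />
				<input type="submit" value="Submit" name="submit" />
			</form>
		';

}

else if ($action == "ttransfer") { //teller transfer

	echo '
		<h2>Teller Account Transfer</h2>

	
		<form action="teller.php?action=ttransfer" method="post">
		<h3>Transfer Amount:</h3>				
		<input type="text" name="transferamount" />
		
		<h3>FROM Account: </h3>
		<input type="text" name="fromaccount" />
	

		<h3>TO Account: </h3>

			
			<input type="text" name="toaccount" />



	<input type="submit" value="Submit" name="submit" />

		</form>';

}

else if ($action == "twithdrawal") { //teller withdrawal

	echo '<form action="teller.php?action=twithdrawal" method="post">
			<h2>Teller Withdrawal</h2>

		<h3>Withdrawl Amount: </h3> 
		<input type="text" name="withdrawalamount" />
		<h3>FROM Account: </h3>
		<input type="text" name="fromaccount" />
		<input type="submit" value="Submit" name="submit" />
		</form>
	';
}

else if ($action == "gad") { //Account details
	if (!isset($_GET['rightuser'])) { //no user chosen yet: ask for the id
		echo"
	<form action=\"teller.php?action=gad\" method=\"post\">
	  <div style=\"border:solid 1px;\">
	    User ID: <input type=\"text\" name=\"userid\" /><br />
	  </div>
	  <br/>
	  <input type=\"submit\" value=\"CheckID\" name=\"submit\"/>
	</form>
	";
	}
	else if (isset($_GET['userid'])) { //listing for a user id, no bank account given
		echo '	<h2>Account Listing</h2>';

		// This branch is reached from the query string alone (rightuser and
		// userid), so the id is untrusted here even though the POST handler
		// checked it before redirecting.
		$listuserid = is_string($_GET['userid']) ? $_GET['userid'] : '';
		$shownuserid = htmlspecialchars($listuserid, ENT_QUOTES, 'UTF-8');

		// Escaped the same way the POST handler escapes the id before its
		// lookup; get_user_accounts() is defined in an include.
		$ARRAY = get_user_accounts(mysql_real_escape_string($listuserid));

		if (mysql_num_rows($ARRAY) <= 0) {	//user has no accounts
			echo "<strong>This user ({$shownuserid}) has no accounts.</strong>";
			echo "<p><a href=\"teller.php?action=gad\">Click Here</a> to check the id once more</p>";
		}
		else {
			echo "	<h3>Account listing for user: {$shownuserid}</h3>
                     <table cellspacing=\"10\">
				<tr>
					<th>Account Number</th>
					<th>Account Type</th>
					<th>Account Balance</th>
                                        <th>Account Status</th>
			 	</tr>";
			// One row per account. Stored values are escaped as well, since
			// they may originate from earlier user input.
			while ($account = mysql_fetch_array($ARRAY)) {
				$accountnum = htmlspecialchars($account["AccountNumber"], ENT_QUOTES, 'UTF-8');
				$accounttype = htmlspecialchars($account["TypeID"], ENT_QUOTES, 'UTF-8');
				$accountbal = htmlspecialchars($account["Balance"], ENT_QUOTES, 'UTF-8');
				$accountstat = htmlspecialchars(ucfirst($account["AccountStatus"]), ENT_QUOTES, 'UTF-8');
				echo "	<tr>";
				// Open and closed accounts used to go through a ternary whose
				// two arms were identical; a single cell is equivalent.
				echo " <td>{$accountnum}</td>";
				echo "
				<td>{$accounttype}</td>
				<td>\${$accountbal}</td>
                                <td>{$accountstat}</td>";
				echo "	        	</tr>";
			}
			echo '	</table>';
		}
	}

}
?>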
   
</div>
<?php
  include("../includes/footer.php");
?>
